CN1864407A - Portable security module pairing - Google Patents

Portable security module pairing Download PDF

Info

Publication number
CN1864407A
CN1864407A CNA2004800291590A CN200480029159A CN1864407A CN 1864407 A CN1864407 A CN 1864407A CN A2004800291590 A CNA2004800291590 A CN A2004800291590A CN 200480029159 A CN200480029159 A CN 200480029159A CN 1864407 A CN1864407 A CN 1864407A
Authority
CN
China
Prior art keywords
key
control data
decode system
encrypted
prime number
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA2004800291590A
Other languages
Chinese (zh)
Other versions
CN100539679C (en
Inventor
P·吉约
L·阿尔巴内塞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nagra France Sas
KCA Licensing SA
Original Assignee
Canal Plus Technologies SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Canal Plus Technologies SA filed Critical Canal Plus Technologies SA
Publication of CN1864407A publication Critical patent/CN1864407A/en
Application granted granted Critical
Publication of CN100539679C publication Critical patent/CN100539679C/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/418External card to be used in combination with the client device, e.g. for conditional access
    • H04N21/4181External card to be used in combination with the client device, e.g. for conditional access for conditional access
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
    • H04N21/4405Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
    • H04N21/2347Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26606Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/436Interfacing a local distribution network, e.g. communicating with another STB or one or more peripheral devices inside the home
    • H04N21/4367Establishing a secure communication between the client and a peripheral device or smart card
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/442Monitoring of processes or resources, e.g. detecting the failure of a recording device, monitoring the downstream bandwidth, the number of times a movie has been viewed, the storage space available from the internal hard disk
    • H04N21/44231Monitoring of peripheral device or external card, e.g. to detect processing problems in a handheld device or the failure of an external recording device
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/162Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing
    • H04N7/163Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing by receiver means only
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/167Systems rendering the television signal unintelligible and subsequently intelligible
    • H04N7/1675Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/601Broadcast encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Multimedia (AREA)
  • Computer Security & Cryptography (AREA)
  • Databases & Information Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Automation & Control Theory (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A method for pairing a first element and a second element, wherein the first element and the second element form a first decoding system among a plurality of receiving decoding systems in a broadcasting network. Each receiving decoding system is adapted to descramble scrambled audiovisual information received over the broadcasting network. A first key unique in the broadcasting network is selected. A second key is determined according to the first key, such that a combination of the first key and the second key enables to decrypt broadcasted encrypted control data that is received to be decrypted by each receiving decoding system, the encrypted control data being identical for each receiving decoding system. The first key and the second key are assigned respectively to the first element and the second element.

Description

The portable security module pairing
Background of invention
Technical field
The present invention relates to be used to the method for matching decoder and portable security module, also relate to the decoder and the portable security module of the audio-visual information that is suitable for the scrambling of descrambling institute.
Background technology
It is known sending ciphered data in the pay television system field, wherein usually by land reflector, satellite or via the audio-visual information of cable television network to the scrambling of a plurality of users broadcasting institute, each user have can the scrambling of descrambling institute audio-visual information for decoder of watching subsequently or receiver/decoder.
In canonical system, can use control word to come the audio-visual information of descrambling institute scrambling.In order to attempt the fail safe of the system that improves, change described control word usually about per ten seconds.Each user was received as the necessary control word of audio-visual information of descrambling institute scrambling so that can watch the content that is sent in per 10 seconds in ECM (using ECM Entitlement Control Message).
Control word itself is by utilizing secret key encryption and being sent out with encrypted form in ECM.The audio-visual information of institute's scrambling and the control word of being encrypted are received by decoder, and under the situation of user's received payment, described decoder can be visited the key of being stored on the portable security module (for example, smart card) that is inserted that utilizes in described decoder.Utilize key to decipher the control word of being encrypted by the smart card use.Smart card sends control word to decoder.Use the control word of deciphering to come the audio-visual information of descrambling institute scrambling by decoder.Decoder is in fact powerful in the audio-visual information that is enough to descrambling institute scrambling in real time.
Utilize key itself regularly to change, for example approximately change once every month.EMM (entitlement management message Entitlement Management Message) every month is received and is sent in the smart card by decoder.EMM comprises the key that utilizes of coding form.The group key that the is assigned to smart card coded key that utilizes of can decoding.
Can distribute to a smart card or smart card group to group key.The EMM that is assigned to definite smart card group comprise utilize the respective sets key coding utilize key and distribute to determine the group group #.
Each decoder received a plurality of EMM in every month.For the EMM of each reception, decoder the group # of reception EMM be inserted into described decoder in smart card under the group # organized compare.If they equate, decoder sends described EMM and is included in to smart card and utilizes key decoded among the described EMM so.
Utilize this system, smart card can use for any decoder.The user for example can lend others to his smart card.Having necessity utilizes any decoder to use the possibility of smart card to come to introduce constraint in described system by restriction.Known a kind of method for limiting is pairing.Contrast means is provided so as the smart card of guaranteeing to determine corresponding to the decoder of determining and can not utilize any other decoder to operate.
In typical case, when subscribing beginning, first numbering and second numbering are downloaded in decoder and the smart card.Carry out validation test termly by decoder and smart card.The value that is stored in the numbering of second the described smart card is asked and received to decoder termly from smart card.Whether second number value that the decoder inspection is received is similar with second numbering of being downloaded.Result according to validation test judges.If second number value that is received is different from second numbering, the audio-visual information of being downloaded of descrambling institute scrambling not so.Similarly, smart card is stored in the value that first the described decoder numbered from decoder request and reception termly.Whether first number value that the smart card inspection is received is similar with first numbering of being downloaded.
If the tricker manages to ignore the judgement of carrying out according to test result, for example be second number value that toilet receives be different from downloaded second number the also audio-visual information of descrambling institute scrambling, can make described pairing become inoperative so.
Can realize more healthy and stronger matching method.Give the decode system of determining the pairing encryption key distribution of determining, described decode system comprises decoder and smart card.When subscribing beginning, the pairing key is downloaded in decoder and the smart card.Described decoder and smart card use the pairing key to communicate with one another.Smart card use in per 10 seconds is stored in the control word that the smart card pairing key in the described smart card is encoded and deciphered.Smart card sends coded control word to decoder.If be different from described pairing key if be stored in pairing key or the smart card pairing key that decoder pairing key in the decoder is different from decode system, the control word that so described decoder can not decoding and coding and the information data of descrambling scrambling not.This pair system can also avoid having the people to read described control word in control word when smart card is sent to decoder.
Yet visit decoder pairing key is easy relatively.Thereby the pairing key possibility of decode system is stolen and make smart card can utilize another decoder to operate.
In European patent EP 466916, described the 3rd matching method and in Fig. 1, illustrated.Encryption system 101 comprises the scrambler (not shown), is used to utilize key 104 to come scrambling audio-visual information (not shown).First cipher key encryptor 105 is used the first secret sequence numbering SSN0 that is stored in SSN0 database 106 iCome encryption key 104.Also in second cipher key encryptor 107, use the second secret sequence numbering SSN1 that in SSN1 database 108, is stored iEncrypt described key 104.This produces superencipher key (114 1..., 114 i..., 114 n) sequence, it is sent together with the audio-visual information of institute's scrambling subsequently.A plurality of reception decode systems (109 at radio network 1..., 109 i..., 109 n) among decode system 109 iReceive the audio-visual information of institute's scrambling and from a superencipher key of superencipher key series.
Each receives decode system (109 1..., 109 i..., 109 n) comprise decoder (112 1..., 112 i..., 112 n) and portable security module (111 1..., 111 i..., 111 n).Each decoder (112 1..., 112 i..., 112 n) comprise SSN0 memory (113 1..., 113 i..., 113 n), described SSN0 memory (113 1..., 113 i..., 113 n) comprise the first secret sequence numbering (SSN0 1..., SSN0 i..., SSN0 n).The first secret sequence numbering (SSN0 1..., SSN0 i..., SSN0 n) be unique to each decoder or Decoder bank.Each portable security module (111 1..., 111 i..., 111 n) comprise SSN1 memory (110 1..., 110 i..., 110 n), described SSN1 memory (110 1..., 110 i..., 110 n) comprise the second secret sequence numbering (SSN1 1..., SSN1 i..., SSN1 n).The second secret sequence numbering (SSN1 1..., SSN1 i..., SSN1 n) be unique for each portable security module or portable security module group.
Decode system 109 iAt portable security module 111 iMiddle first secret key decryption of carrying out.Portable security module 111 iUse the second secret sequence numbering SSN1 iCarry out the key of first secret key decryption and output deciphering.The key of part deciphering is sent to decoder 112 iUse is at SSN0 memory 113 iIn the first secret sequence numbering SSN0 that stored iDecipher described key fully.Xie Mi key is used for the audio-visual information of descrambling institute scrambling fully.
Because the second secret sequence numbering SSN1 iBe stored in portable security module 110 iIn and thereby become and be difficult to read, so the 3rd matching method provides healthy and strong pairing.
Summary of the invention
According to first aspect, the invention provides and be used to the method for matching first element and second element.First element and second element form first decode system among a plurality of reception decode systems in the radio network, and each receives decode system and is suitable for the audio-visual information of descrambling via the scrambling of described radio network reception.Described method comprises selects first key, described first key is unique in radio network, and determine second key according to described first key, so that described first key and second combination of keys can be deciphered the encrypted control data of being broadcasted, described encrypted control data is received cause, and each receives the decode system deciphering, and it is identical that described encrypted control data receives decode system for each.Give first element and second element first key and second encryption key distribution respectively.
In first preferred embodiment, the audio-visual information that control data can the scrambling of descrambling institute.In addition, described method also is included in first decode system reception encrypted control data and uses first key and use second key to decipher described encrypted control data at second element at first element.
In second preferred embodiment, control data is a control word, and uses described control word to come the scrambling audio-visual information.
In the 3rd preferred embodiment, described control data is the using ECM (ECM) that comprises control word.Use control word to come the scrambling audio-visual information.
In the 4th preferred embodiment, control data is to utilize key.Utilize the key control word of can decoding, and use described control word to come the scrambling audio-visual information.
In the 5th preferred embodiment, control data is the entitlement management message of utilizing key (EMM) that comprises the control word of can decoding.Use control word to come the scrambling audio-visual information.
In the 6th preferred embodiment, use RSA Algorithm to come the control data of enabling decryption of encrypted.Select the first prime number p and the second prime number q, and modulus n is calculated as the product that equals the described first prime number p and the second prime number q.Encryption key e is selected as less than described modulus and relatively prime with the function of the first prime number p and the second prime number q.Private key is determined to be equivalent to the mould of the inverse of encryption key to the function of the first prime number p and the second prime number q.Select first key and second key so that the product of described first key and second key equals the mould of private key to the function of the first prime number p and the second prime number q.Remove the first prime number p and the second prime number q.
In the 7th preferred embodiment, described method also is included in each and receives decode system and receive and comprise the message of described encrypted control data and use first key and use second key to come the control data of enabling decryption of encrypted at second element at first element.
In the 8th preferred embodiment, use the discrete logarithm algorithm to decipher described encrypted control data.Described method also comprises selects prime number q, selects the primitive root g of described prime number; Wherein the product of first key and second key equals the mould of private key to described prime number.
In the 9th preferred embodiment, described method also is included in each and receives the message that decode system receives the enciphered message that comprises that utilization transfer key (cession key) is encrypted, and described message also comprises the random number k time power of the primitive root g of prime number.Use first key and use second key so that calculate the transfer key at first element according to the inferior power of the random number k of prime number at second element.Use the transfer key to decipher described information encrypted.
In the tenth preferred embodiment, described information encrypted is the audio-visual information of institute's scrambling.
In the 11 preferred embodiment, described information encrypted is a control word, and uses described control word to come the scrambling audio-visual information.
In the 12 preferred embodiment, described method comprises also respectively first key and second key is belonged to three element and quaternary part at least that described three element and quaternary part form second decode system that is different from first decode system.
In the 13 preferred embodiment, first element is a decoder; And second element is a portable security module.
According to second aspect, the invention provides first decode system among a plurality of reception decode systems in radio network, each receives the audio-visual information that decode system is suitable for the scrambling that descrambling receives via described radio network.First decode system comprises first element that is assigned with first key, described first key is unique in radio network, with second element that is assigned with second key, determine described second key so that described first key and second combination of keys can be deciphered the encrypted control data of being broadcasted according to described first key, described encrypted control data is received cause, and each receives the decode system deciphering, and it is identical that described encrypted control data receives decode system for each.
In the 14 preferred embodiment, first decode system also comprises the receiving system that is used to receive the encrypted control data of being broadcasted, right with the decoding (decryption) that comprises first decoding and second decoding, described first decoding and second decoding lay respectively at first element and second element, and described decoding is deciphered the encrypted control data of being broadcasted to using first key and second key.
In the 15 preferred embodiment, use the discrete logarithm algorithm to decipher the encrypted control data of being broadcasted.
In the 16 preferred embodiment, use RSA Algorithm to decipher the encrypted control data of being broadcasted.
In the 17 preferred embodiment, control data is a control word, uses described control word to come the scrambling audio-visual information.
In the 18 preferred embodiment, control data is to utilize key, and the described key control word of can decoding of utilizing uses described control word to come the scrambling audio-visual information.
In the 19 preferred embodiment, first element is a decoder, and second element is a portable security module.
According to the third aspect, the invention provides and be used to match the equipment of first element and second element, described first element and second element form first decode system among a plurality of reception decode systems in the radio network, each receive decode system be suitable for descrambling via described radio network receive by the audio-visual information of scrambling.Described equipment comprises the choice device that is used to select first key, and described first key is unique in radio network.Processing unit is determined second key according to first key, make described first key and second combination of keys can decipher the encrypted control data of being broadcasted, described encrypted control data receives decode system at each and is received so that decipher, and it is identical that described encrypted control data receives decode system for each.Distributor is given first element and second element first key and second encryption key distribution respectively.
According to following description and claims, other aspects and advantages of the present invention will be clearer.
Description of drawings
Fig. 1 comprises the schematic diagram according to the 3rd matching method of prior art.
Fig. 2 shows the flow chart according to matching method of the present invention.
Fig. 3 comprises the schematic diagram according to matching method of the present invention.
Fig. 4 comprises the schematic diagram of the first embodiment of the present invention.
Fig. 5 comprises the schematic diagram of the fourth embodiment of the present invention.
Fig. 6 comprises the schematic diagram of the fifth embodiment of the present invention.
Embodiment
Radio network can comprise a large amount of reception decode systems, is millions of in typical case.The 3rd matching method requires coded system to send superencipher key series.Each superencipher key is unique for the reception decode system or for receiving the decode system group.Thereby the duration that sends superencipher key series may be longer relatively.Transmission superencipher key series described in third party's method only took place once in one month.Need a kind of method that can send single encryption key, so that check pairing more continually to a plurality of decode systems of radio network.
Fig. 2 provides and has been used to match the flow chart of illustrative methods of first element and second element.First decode system among a plurality of reception decode systems in first element and second element formation radio network.Each receive decode system be suitable for descrambling via radio network receive by the audio-visual information of scrambling.201, select first key.First key is unique in radio network.202, determine second key according to first key, make described first key and second combination of keys can decipher the encrypted control data of being broadcasted.Described encrypted control data is received cause, and each receives the decode system deciphering.It is identical that described encrypted control data receives decode system for each.203, first key and second key are distributed to first element and second element respectively.For example first key and second key first protected storage that can be stored in first element respectively neutralizes in second protected storage of second element, and described protected storage is protected preventing and is read.
Fig. 3 provides at a plurality of reception decode systems (301 1..., 301 i..., 301 n) among according to first decode system 301 of the present invention iIllustration.Each receives the audio-visual information that decode system is suitable for the scrambling of descrambling institute.First decode system 301 iComprise first element 302 iWith second element 303 i
First element 302 iIt can be decoder; And second element 303 iIt can be portable security module.Portable security module for example can be a smart card.
First key K I1Be assigned to decoder, and second key K I2Be assigned to smart card.First key K I1With second key K I2Formation is that unique key is right for radio network.Have only a key of described cipher key pair to be selected at random.If select first key K at random I1, so according to described first key K I1Determine second key K I2, make described first key K I1With second key K I2Combination can decipher the encrypted control data of being broadcasted 304.
The encrypted control data of being broadcasted 304 is intended to receive decode system by each and deciphers.Encrypted control data 304 receives decode system (301 for each 1..., 301 i..., 301 n) be identical.In typical case, first key K I1With second key K I2And or described first key K I1With second key K I2Product to the pair system key K PSIt is the modulus congruence.The pair system key K PSCan decipher the encrypted control data of being broadcasted 304.Be to use single encoded key K at coded system 305 control datas eEncrypt.
If use asymmetric cryptographic algorithm to encrypt and decipher the control data of being broadcasted, so the pair system key K PSCan be private key and coded key K eIt can be corresponding public key.If cryptographic algorithm is symmetrical, pair system key K so PSWith coded key K eCan be identical.
According to the 3rd matching method of prior art, for each secret sequence numbering to (SSN0 i, SSN1 i), promptly receive decode system or receive decode system group transmission superencipher key for each for each.Coded system must send superencipher key series, and this may be longer relatively.Can send the enciphered data of single broadcast to radio network according to method of the present invention.For corresponding to single encoded key K eSingle pair system key K PS, in fact can provide more different keys to (K I1, K I2), make the key K of winning I1With second key K I2Product to the pair system key K PSIt is the modulus congruence.Can test the pairing of each receiving system by the encrypted control data that sends single broadcast according to method of the present invention.Can be than the test of once carrying out more frequently January each receiving system pairing of radio network, for example per 10 seconds, thus safer pairing is provided.
Can carry out the pairing test by send encrypted control data to radio network, described encrypted control data is necessary for the audio-visual information of descrambling institute scrambling.For example, control data can be a control word, the audio-visual information that described control word directly can the scrambling of descrambling institute.
Encrypted control data can also be the using ECM (ECM) that comprises the control word of encryption.
Control data can also be to utilize key, describedly utilizes the control word that key can decoding and coding.Can use control word to come the audio-visual information of descrambling institute scrambling.
Encrypted control data can also be the entitlement management message of utilizing key (ECM) that comprises encryption.
Encrypted control data can also be the audio-visual information of institute's scrambling, uses first key and second key to come the audio-visual information of the described scrambling of direct descrambling.Under latter event, portable security module can be powerful relatively so that real-time decoding can be provided.
If decoder and smart card match, first key K so I1With second key K I2Combination to the pair system key K PSIt is the modulus congruence.Decode system receives and utilizes coded key K eEncrypted control data, for example control word.Use first key and use second key to come decryption control words at decoder at smart card.Control word can be in the audio-visual information of decoder descrambling institute scrambling.
If decoder and smart card do not match, first key K so I1With second key K I2Combination to the pair system key K PSIt or not the modulus congruence.Decode system can not correctly be deciphered the control word of described encryption and audio-visual information that can the scrambling of descrambling institute.
In first embodiment, the key that invests decode system is to being attributed to the second reception decode system that is different from first decode system at least.Fig. 4 provides the illustration of first embodiment.Decode system (402 can received 11..., 402 M1..., 402 1i..., 402 Mi..., 402 1n..., 402 Mn) a plurality of groups (401 1..., 401 i..., 401 n) among the definition have same key to (K I1, K I2) decode system (402 1i..., 402 Mi) " group " 401 iThis embodiment can make pairing be easy to carry out, but tests pairing according to mode same as described above.Coded system 403 is encrypted control data, and via Web broadcast institute encrypted control data 404.Each receiving system (402 of any group 11..., 402 M1..., 402 1i..., 402 Mi..., 402 1n..., 402 Mn) receive the encrypted control data 404 broadcasted and use first key and second key is deciphered described control data.In this embodiment, can operate with described definite group any smart card from the decoder of determining group.Each group comprises the reception decode element that number is less relatively, so that the first smart card can be relatively low with the probability that second people's decoder is operated.
In a second embodiment, when subscribing beginning, carry out pairing.The operator downloads to first key and second key in decoder and the smart card respectively.Protect first key and second key to make it to avoid being read.
In the 3rd embodiment, change first key and second key regularly, for example January is once.Decoder bank key G1 is attached to decoder, and smart card group key G2 can be attached to smart card.Decoder bank key G1 and smart card group key G2 for example can be the sequence numberings that invests single decoder and single smart card respectively.Decoder bank key G1 and smart card group key G2 can also be invested Decoder bank or smart card group respectively.Decoder bank key G1 and smart card group key G2 form first decode system or receive the distinctive key set of decode system group.
Carry out pairing regularly: an EMM and the 2nd EMM are sent to first decode system.Decoder receives an EMM and the 2nd EMM, and sends described the 2nd EMM to smart card.The one EMM comprises the first key d that utilizes Decoder bank key G1 to encode 1The 2nd EMM comprises the second key d that utilizes smart card group key G2 to encode 2Select the first key d 1With the second key d 2Make the described first key d 1With the second key d 2Product to the pair system key K PSIt is the modulus congruence.Decoder utilizes the Decoder bank key G1 first key d that decodes 1, and smart card utilizes the smart card group key G2 second key d that decodes 2
The first key d 1With the second key d 2Can decipher the encrypted control data of being broadcasted, the control word of for example utilizing coded key to encrypt.Can also change coded key K in every month eWith the pair system key K PS, and can be according to described coded key K eWith the pair system key K PSNew value determine the first key d 1With the second key d 2If in a single day a people has determined two values that key is right, this people can use first decoder from first decoding device with second smart card from another reception decode system so.Yet, after one month, when having replaced the first key d 1With the second key d 2The time, this people may determine two new values that key is right.This 3rd alternative embodiment is that pair system has added more fail safe.
RSA Algorithm
In the 4th embodiment, use RSA Algorithm to encrypt control data.Fig. 5 provides the flow chart that is used to illustrate the 4th embodiment.By at first selecting the first prime number p and the second prime number q to carry out pairing.Modulus n is calculated as the product that equals the first prime number p and the second prime number q:
n=p*q
Then, from the value of the first prime number p, the second prime number q and modulus n, select coded key K e, make:
K e<n and K eWith φ (p is relatively prime q),
Wherein φ (p q) is the function of the first prime number p and the second prime number q so that:
φ(p,q)=(p-1)(q-1)
RSA Algorithm is an asymmetric cryptographic algorithm.Coded key K eBe intended to be used for encrypt control word CW in coded system 501.Coded key K eBe PKI and can determine corresponding to described coded key K eThe pair system key K PS, described pair system key K PSIt is the private key that is different from described PKI.Can be by following definite pair system key K PS:
K PS=(1/K e)moduloφ(p,q)
Selection comprises the first key d 1With the second key d 2Key to so that the described first key d 1With the second key d 2Product to the pair system key K PSBe the modulus congruence:
K PS=d 1*d 2?moduloφ(p,q)
Can select first key at first at random, and can be according to the described first key d 1, the pair system key K PSAnd function phi (p q) determines second key.
The first prime number p and the second prime number q are not distributed to any equipment; Remove them so that know coded key K eCan not decipher with the people of modulus n and to utilize described coded key K eInstitute's ciphered data.And in fact the first prime number p and the second prime number q for definite pair system key K PSBe necessary.
Can give decoder 502 first encryption key distribution, and can give smart card 503 second encryption key distribution.Decoder 502 and smart card 503 form first decode system 504 among a plurality of reception decode systems in the radio network.Receive decode system for each, can provide distinguishing key right.
The described pairing of routine test.Use control word CW to come scrambling 505 audio-visual information m in coded system 501, and it is sent to a plurality of reception decode systems continuously.Control word approximately changed once in per 10 seconds.
Coded system 501 is used coded key K eEncrypt 506 control word CW and the control word of being encrypted is sent to a plurality of reception decode systems.
Decode system 504 receives the audio-visual information E of described scrambling CW(m) and the control word E that encrypts Ke(CW).The control word E that encrypts Ke(CW) can be received and for example can be sent to smart card 503 at decoder 502.The control word E that smart card can calculate and encrypt Ke(CW) the second key d 2Inferior power equates or the first median [E of congruence Ke(CW)] D2, and send it to decoder 502.Decoder can receive the first median [E Ke(CW)] D2Can be at decoder second the median [[E Ke(CW)] D2] D1Be calculated as and equal the first median [E Ke(CW)] D2The first key d 1Inferior power.Control word CW equals the mould of second median to modulus n.
Thereby, use first key and use second key to come decryption control words at decoder at smart card.Can use control word CW to come the audio-visual information E of 507 scramblings of descrambling CW(m).If decoder and smart card are not correctly matched, promptly distribute to the first key d of decoder 1With the second key d that distributes to smart card 2Product to the pair system key K PSNot the modulus congruence, the so non-decrypting control word CW and the audio-visual information of descrambling institute scrambling not.
If a people knows that first key that belongs to first decode system is to (d 11, d 21), it is right that this people can not produce all keys so in this embodiment.In fact, removed function phi (p, q), and because the first key d 11With the second key d 21Product equal the pair system key K PSTo function phi (p, mould q), so function phi (p, q) for definite key to being necessary.Be necessary also to know that second key is to (d 21, d 22) so that definite function phi (p, q).(p is q) in fact divided by difference d for function phi 21* d 22-d 11* d 12
In first alternative embodiment, decoder receives the control word E that encrypts Ke(CW) and carry out first the operation: first candidate's median [E Ke(CW)] D1The control word E that is calculated as and encrypts Ke(CW) the first key d 1Inferior power equates or congruence.First candidate's median [E Ke(CW)] D1Send to smart card.Can be at smart card second the median [[E Ke(CW)] D2] D1Be calculated as and equal first candidate's median [E Ke(CW)] D1The second key d 2Inferior power.According to second the median [[E Ke(CW)] D2] D1Determine control word CW and use it for the audio-visual information E of descrambling institute scrambling CW(m).
In second alternative embodiment, first median does not directly send to decoder (or send to smart card from described decoder) from smart card.First median was only used before being sent out and is encoded by the privacy key known to decoder and the smart card.Asymmetric cryptographic algorithm also can be used for snapping into from intelligence the communication of decoder.
In the 3rd alternative embodiment, not directly to use coded key K eWith key to the encryption and decryption control word, utilize key and be to use.Utilize the key control word of can encoding and decode itself, the audio-visual information that described control word can the scrambling of descrambling institute.In this 3rd alternative embodiment, can not match test so continually, for example January is once.
The discrete logarithm algorithm
In the 5th embodiment, use the discrete logarithm algorithm to come the broadcast encryption data.Fig. 6 provides the flow chart that is used to illustrate the 5th embodiment.Carry out pairing by the primitive root g that at first selects prime number q and described prime number q.Selection is used for the private key of communicating by letter between any reception decode system of coded system 601 and a plurality of reception decode system (not shown), and transfers the possession of key g KaBe calculated as the private key a and the random number k product time power that equal primitive root g, wherein select described random number randomly.
Select the first key a 1According to the first key a 1, prime number q and private key a determine the second key a 2, so that the described first key a 1With the second key a 2Product be the modulus congruence to private key a with the mould of prime number q.The first key a 1With the second key a 2It is right to be formed on key unique in the radio network.
The described pairing of routine test.Coded system 601 is selected the value of 602 random number k.Use the transfer key to encrypt 603 information.Coded system 601 sends message to radio network.Described message comprises the information encrypted E of institute g(m) and part key g k, described part key equals the random number k time power of primitive root g.Decoder 604 receives and sends the part key to smart card 605.
The first key a 1With the second key a 2Be used for deciphering institute's information encrypted.Smart card is the first median [g k] A2Be calculated as and part key g kThe second key a 2Inferior power equates or congruence.Then the first median [g k] A2Send to decoder.Decoder is second the median [[g k] A2] A1Be calculated as and equal the first median [g k] A2The first key a 1Inferior power.Can be defined as equaling the mould of second median transferring the possession of key according to second median to prime number q.
Can use the transfer key to decipher institute's information encrypted.
Described information can be audio-visual information.In the later case, the first key a 1With the second key a 2Be used for deciphering the audio-visual information of being encrypted by transferring the possession of key.May match test continually, for example per 10 seconds once.
In first alternative embodiment, institute's information encrypted is the control word of encrypting, and described control word is used for the descrambling audio-visual information.The first key a 1With the second key a 2Be used for deciphering described control word by transferring the possession of key.Described control word can the descrambling audio-visual information.
In second alternative embodiment, decoder receiving unit key g kAnd carry out first operation: first candidate's median [g k] A1Be calculated as and described part key g kThe first key a 1Inferior power equates or congruence.First candidate's median [g k] A1Send to smart card.Can be at smart card second the median [[g k] A2] A1Be calculated as and equal first candidate's median [g k] A1The second key a 2Inferior power.Transfer the possession of key g KaAccording to second the median [[g k] A2] A1Determine, and be used for descrambling enciphered message E g(m).
In the 3rd alternative embodiment, can be utilized as decoder and smart card shared privacy key be coded in communication between described decoder and the smart card.
In order to increase the fail safe of system, all or any embodiment described above can implement with being bonded to each other.
The present invention is specially adapted to the communication of television broadcasting.The present invention also expands to the decoder and the security module of the audio-visual information that is applicable to come as mentioned above the scrambling of descrambling institute.
Term " portable security module " is used for meaning the portable card type equipment based on chip of any routine, and it for example has microprocessor and/or memory.This can comprise smart card, pcmcia card, SIM card etc.In this term, comprise chipset, for example such as the equipment that is usually used in the key shape in the TV decoder system with variable physical form.
Here for clear term " scrambling " and " encryption " and " control word " and " key " of having used in many ways of language.Yet should be appreciated that between " data of scrambling " and " ciphered data " or between " control word " " key ", do not do the difference of essence.
Term " control data " refers to any data or the audio-visual information itself that can be close to the direct decoding audio-visual information.
Similarly, although this specification has related to " receiver/decoder " and " decoder ", but should be understood that: the embodiment that integrates for receiver and decoder, with in conjunction with physically independently receiver and the decoder element of working, the decoder element that includes other function and the same with the integrated decoder element of miscellaneous equipment (such as television set, recording equipment etc.), the present invention is suitable for equivalently.
Term " a plurality of decode system " or " a plurality of decode systems in the radio network " are used to mean the decode system corresponding to the very big figure of decode system user base, surpass 1,000 in typical case.
Though limited with respect to number embodiment has described the present invention, those skilled in the art should be appreciated that by means of the disclosure can design other embodiment under situation about not breaking away from this disclosed scope of the invention.Therefore, scope of the present invention should only be limited by claims.

Claims (22)

1. one kind is used to the method for matching first element and second element, described first element and second element form first decode system among a plurality of reception decode systems in the radio network, each receives decode system and is suitable for descrambling via described radio network received by the audio-visual information of scrambling, and described method comprises:
Select first key, described first key is unique in described radio network;
Determine second key according to described first key, so that described first key and second combination of keys can be deciphered the encrypted control data of being broadcasted, described encrypted control data is received cause, and each receives the decode system deciphering, and it is identical that described encrypted control data receives decode system for each;
Give described first element and second element described first key and second encryption key distribution respectively.
2. the method for claim 1, wherein said control data can the scrambling of descrambling institute audio-visual information, described method also comprises:
Receive encrypted control data at described first decode system;
Use described first key and use described second key to come the control data of enabling decryption of encrypted at described first element at described second element.
3. as any one described method in the claim 1 to 2, wherein said control data is a control word, uses described control word to come the described audio-visual information of scrambling.
4. as any one described method in the claim 1 to 2, wherein said control data is the using ECM (ECM) that comprises control word, uses described control word to come the described audio-visual information of scrambling.
5. as any one described method in the claim 1 to 2, wherein said control data is to utilize key, and the described key control word of can decoding of utilizing uses described control word to come the described audio-visual information of scrambling.
6. as any one described method in the claim 1 to 2, wherein said control data is to comprise the entitlement management message (EMM) of utilizing key, and the described key control word of can decoding of utilizing uses described control word to come the described audio-visual information of scrambling.
7. as any one described method in the claim 1 to 6, wherein use RSA Algorithm to decipher institute's encrypted control data, described method also comprises:
Select the first prime number p and the second prime number q;
Modulus n is calculated as the product that equals the described first prime number p and the second prime number q:
Encryption key e is chosen as less than described modulus and relatively prime with the function of the described first prime number p and the second prime number q;
Private key is defined as equaling the mould of the inverse of encryption key to the function of the first prime number p and the second prime number q;
Select described first key and second key so that the product of described first key and second key equals the mould of private key to the function of the described first prime number p and the second prime number q;
Remove the described first prime number p and the second prime number q.
8. method as claimed in claim 7 also comprises:
Receive decode system at each and receive the message that comprises institute's encrypted control data;
Use described first key and use described second key to decipher institute's encrypted control data at described first element at described second element.
9. as any one described method in the claim 1 to 2, wherein use the discrete logarithm algorithm to decipher institute's encrypted control data, described method also comprises:
Select prime number q;
Select the primitive root g of described prime number q; And
The product of wherein said first key and second key equals the mould of private key to described prime number q.
10. method as claimed in claim 9 also comprises:
Receive the message that decode system receives the enciphered message that comprises that utilization transfer key is encrypted at each, described message also comprises the random number k time power of the primitive root g of prime number;
Use described first key and use described second key to calculate described transfer key at described first element with random number k time power according to prime number at described second element;
Use described transfer key to decipher institute's information encrypted.
11. method as claimed in claim 10, wherein said information encrypted are the audio-visual informations of institute's scrambling.
12. method as claimed in claim 10, wherein said information encrypted is a control word, and uses described control word to come the described audio-visual information of scrambling.
13. as any one described method in the claim 1 to 12, comprise also respectively described first key and second key are belonged to three element and quaternary part at least that described three element and quaternary part form second decode system that is different from described first decode system.
14. as any one described method in the claim 1 to 13, wherein
Described first element is a decoder;
Described second element is a portable security module.
15. first decode system among a plurality of reception decode systems in radio network, each receives decode system and is suitable for the audio-visual information of descrambling via the scrambling of described radio network reception, and described first decode system comprises:
First element has been assigned with first key, and described first key is unique in described radio network;
Second element, be assigned with second key, determine described second key so that described first key and second combination of keys can be deciphered the encrypted control data of being broadcasted according to described first key, described encrypted control data is received cause, and each receives the decode system deciphering, and it is identical that described encrypted control data receives decode system for each.
16. first decode system as claimed in claim 15 also comprises:
Receiving system is used to receive the encrypted control data of being broadcasted;
It is right to decipher, and comprises first decoding and second decoding that lay respectively at described first element and second element, and described decoding is deciphered the encrypted control data of being broadcasted to using described first key and second key.
17., wherein use the discrete logarithm algorithm to decipher the encrypted control data of being broadcasted as any one described first decode system in claim 15 or 16.
18., wherein use RSA Algorithm to decipher the encrypted control data of being broadcasted as any one described first decode system in claim 15 or 16.
19. as any one described first decode system in the claim 15 to 18, wherein said control data is a control word, uses described control word to come the described audio-visual information of scrambling.
20. as any one described first decode system in the claim 15 to 18, wherein said control data is to utilize key, the described key control word of can decoding of utilizing uses described control word to come the described audio-visual information of scrambling.
21. as any one described first decode system in the claim 15 to 20, wherein: described first element is a decoder; Described second element is a portable security module.
22. equipment that is used to match first element and second element, described first element and second element form first decode system among a plurality of reception decode systems in the radio network, each receive decode system be suitable for descrambling via described radio network receive by the audio-visual information of scrambling, described equipment comprises:
Choice device is used to select first key, and described first key is unique in described radio network;
Processing unit, be used for determining described second key according to described first key, so that described first key and second combination of keys can be deciphered the encrypted control data of being broadcasted, described encrypted control data receives decode system at each and is received so that decipher, and it is identical that described encrypted control data receives decode system for each;
Distributor is used for giving described first element and second element described first key and second encryption key distribution respectively.
CNB2004800291590A 2003-10-06 2004-10-05 The portable security module pairing Active CN100539679C (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP03292459.9 2003-10-06
EP03292459A EP1523188A1 (en) 2003-10-06 2003-10-06 Portable security module pairing

Publications (2)

Publication Number Publication Date
CN1864407A true CN1864407A (en) 2006-11-15
CN100539679C CN100539679C (en) 2009-09-09

Family

ID=34307020

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2004800291590A Active CN100539679C (en) 2003-10-06 2004-10-05 The portable security module pairing

Country Status (9)

Country Link
US (1) US8401190B2 (en)
EP (2) EP1523188A1 (en)
JP (1) JP4740859B2 (en)
KR (1) KR101083200B1 (en)
CN (1) CN100539679C (en)
BR (1) BRPI0415096B1 (en)
DE (1) DE602004008093T2 (en)
MX (1) MXPA06003640A (en)
WO (1) WO2005034514A1 (en)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008522470A (en) * 2004-11-25 2008-06-26 フランス テレコム Method for protecting a communication terminal connected with a terminal user identification information module
US7383438B2 (en) * 2004-12-18 2008-06-03 Comcast Cable Holdings, Llc System and method for secure conditional access download and reconfiguration
US7921301B2 (en) * 2005-05-17 2011-04-05 Dot Hill Systems Corporation Method and apparatus for obscuring data on removable storage devices
EP2018059A1 (en) * 2007-07-19 2009-01-21 Panasonic Corporation Digital video broadcast receiver and method for decrypting of digital data streams
EP2129116A1 (en) * 2008-05-29 2009-12-02 Nagravision S.A. Unit and method for securely processing audio/video data with controlled access
EP2141924A1 (en) * 2008-07-03 2010-01-06 Gemplus Process to ensure massive data diffusion security, and devices associated
EP2337347A1 (en) 2009-12-17 2011-06-22 Nagravision S.A. Method and processing unit for secure processing of access controlled audio/video data
US8782417B2 (en) 2009-12-17 2014-07-15 Nagravision S.A. Method and processing unit for secure processing of access controlled audio/video data
EP2458884A1 (en) * 2010-11-30 2012-05-30 Nagravision S.A. Secured remote control for audio/video receiver/decoder
WO2014004453A1 (en) 2012-06-29 2014-01-03 The Procter & Gamble Company System and method for high-speed continuous application of a strip material to a moving sheet-like substrate material
EP2802152B1 (en) 2013-05-07 2017-07-05 Nagravision S.A. Method for secure processing a stream of encrypted digital audio / video data
EP2827601A1 (en) * 2013-07-19 2015-01-21 Nagravision S.A. Method and device for protecting decryption keys of a decoder
AR126203A1 (en) * 2021-06-23 2023-09-27 Arris Entpr Llc SYSTEM AND METHOD FOR SECURELY DELIVERING KEYS AND ENCRYPTING CONTENT IN CLOUD COMPUTING ENVIRONMENTS

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5029207A (en) * 1990-02-01 1991-07-02 Scientific-Atlanta, Inc. External security module for a television signal decoder
IL107967A (en) * 1993-12-09 1996-12-05 News Datacom Research Ltd Apparatus and method for securing communication systems
JPH08195735A (en) * 1995-01-18 1996-07-30 Toshiba Corp Decoder
JP2001519629A (en) * 1997-10-02 2001-10-23 カナル プラス ソシエテ アノニム Method and apparatus for transmitting an encrypted data stream
RU2000111530A (en) * 1997-10-02 2002-05-27 Каналь+Сосьетэ Аноним METHOD AND DEVICE FOR ENCRYPTED DATA STREAM TRANSLATION
JPH11120695A (en) * 1997-10-08 1999-04-30 Victor Co Of Japan Ltd Information signal reproducing method, card-shaped recording medium and decoder device
WO1999035782A1 (en) * 1998-01-02 1999-07-15 Cryptography Research, Inc. Leak-resistant cryptographic method and apparatus
WO1999043120A1 (en) * 1998-02-20 1999-08-26 Digital Video Express, L.P. Information access control system and method
GB2386522B (en) * 2002-03-14 2005-04-27 Livedevices Ltd Improvements relating to secure internet communication with small embedded devices
US20040017918A1 (en) * 2002-07-24 2004-01-29 Christophe Nicolas Process for point-to-point secured transmission of data and electronic module for implementing the process
DE60330576D1 (en) * 2002-08-19 2010-01-28 Nagravision Sa KEY VALIDITY TESTING METHOD FOR A DIGITAL HOME NETWORK
US20040264700A1 (en) * 2003-06-26 2004-12-30 International Business Machines Corporation Wireless bridge device for secure, dedicated connection to a network

Also Published As

Publication number Publication date
CN100539679C (en) 2009-09-09
WO2005034514A1 (en) 2005-04-14
JP2007507940A (en) 2007-03-29
EP1671485A1 (en) 2006-06-21
US20070253551A1 (en) 2007-11-01
DE602004008093D1 (en) 2007-09-20
JP4740859B2 (en) 2011-08-03
US8401190B2 (en) 2013-03-19
BRPI0415096B1 (en) 2018-02-14
BRPI0415096A8 (en) 2017-12-05
DE602004008093T2 (en) 2008-05-08
BRPI0415096A (en) 2006-12-26
EP1523188A1 (en) 2005-04-13
EP1671485B1 (en) 2007-08-08
KR20060120011A (en) 2006-11-24
KR101083200B1 (en) 2011-11-11
MXPA06003640A (en) 2006-06-05

Similar Documents

Publication Publication Date Title
CN1146185C (en) Protecting information in system
KR101009523B1 (en) Method for secure data exchange between two devices
CN1171454C (en) Method and apparatus for encrypted data stream transmission
EP0658054B1 (en) Apparatus and method for securing communication systems
CN1200534C (en) Data communications
CN1258898C (en) Method for managing symmetrical secret key in communication network, and device for carrying out such method
CN1174578C (en) Process for data certification by scrambling and certification system using such process
US8548167B2 (en) System for traceable decryption of bandwidth-efficient broadcast of encrypted messages and security module revocation method used for securing broadcasted messages
CN1655495A (en) System and method for security key transmission with strong pairing to destination client
CN1655503A (en) A secure key authentication and ladder system
CN1780361A (en) Digital audio/video data processing unit and method for controlling access to said data
EP2327211A2 (en) Simulcrypt key sharing with hashed keys
CN1864407A (en) Portable security module pairing
US7487349B2 (en) Method for securing a ciphered content transmitted by a broadcaster
CN1292185A (en) Method and apparatus for conveying private message to selected members
CN1549595A (en) Information transmitting method and apparatus for interactive digital broadcast television system
WO2018138724A1 (en) Asymmetric content protection of large datastreams
CN101720013B (en) Anti-decryption set-top box conditional receiving method
CN1668101A (en) A conditional reception system merging Internet and cable television network environments
CN101179345A (en) Method of encrypting and decrypting condition receiving system
CN1930881A (en) Method for securing encrypted content broadcast by a broadcaster
EP1459474A2 (en) Anti-pirate method for the distribution of digital content
KR100429687B1 (en) Method for transmitting and receiving software image
CN102111764B (en) Method, system and device for protecting safety of broadcast information
JP2005191847A (en) Broadcast equipment and receiver

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
ASS Succession or assignment of patent right

Owner name: NAGRA FRANCE SAS

Free format text: FORMER OWNER: NAGRA THOMSON LICENSING CORP.

Effective date: 20130912

C41 Transfer of patent application or patent right or utility model
C56 Change in the name or address of the patentee

Owner name: NAGRA THOMSON LICENSING CORP.

Free format text: FORMER NAME: CANAL TECH S.A.

CP01 Change in the name or title of a patent holder

Address after: Paris France

Patentee after: Nagra Thomson licensing

Address before: Paris France

Patentee before: CANAL + TECHNOLOGIES

TR01 Transfer of patent right

Effective date of registration: 20130912

Address after: Paris France

Patentee after: NAGRA FRANCE S.A.S.

Address before: Paris France

Patentee before: Nagra Thomson licensing